unsafe_html

Removed

Avoid unsafe HTML APIs.

NOTE: This lint is deprecated and will be removed in a future release. Remove all inclusions of this lint from your analysis options.

AVOID

assigning directly to the href field of an AnchorElement
assigning directly to the src field of an EmbedElement, IFrameElement, or ScriptElement
assigning directly to the srcdoc field of an IFrameElement
calling the createFragment method of Element
calling the open method of Window
calling the setInnerHtml method of Element
calling the Element.html constructor
calling the DocumentFragment.html constructor

BAD:

dart

var script = ScriptElement()..src = 'foo.js';

This rule has been removed.

To enable the unsafe_html rule, add unsafe_html under linter > rules in your analysis_options.yaml file:

analysis_options.yaml

yaml

linter:
  rules:
    - unsafe_html

If you're instead using the YAML map syntax to configure linter rules, add unsafe_html: true under linter > rules:

analysis_options.yaml

yaml

linter:
  rules:
    unsafe_html: true

Was this page's content helpful?

Unless stated otherwise, the documentation on this site reflects Dart 3.9.2. Report an issue.

Details